PyLoris is a scriptable tool for testing a service's level of vulnerability to a particular class of Denial of Service (DoS) attack. Any service that places restrictions on the total number of simultaneous TCP connections has the potential for vulnerability to PyLoris. Additionally, services that handle connections in independent threads, services that poorly manage concurrent connections, and services that have high memory footprint per connection are prone to this form of vulnerability.
PyLoris uses the Slowloris method originally described by RSnake: by creating a large number of full TCP connections and keeping them open, services will soon hit the upper limit of the number of maintained connections. Unlike traditional DoS attacks, this is a direct attack on a service, not the hardware. The primary source of problem in a PyLoris attack is artificial constraints placed on the software, not hardware inadequacies.
The current version of PyLoris is 3.0. Improvements in this version include:
- A never before seen Graphical User Interface
- A Scripting API allowing for prepackaged attacks
- A protocol agnostic request builder
- A fully rewritten code base
PyLoris 3.0 requires Python 2.x to run. The latest version of PyLoris can be downloaded from http://www.sourceforge.net/project/pyloris.
What's new in PyLoris 3.0?
PyLoris 3.0 is a complete rewrite of the PyLoris code base. Everything was rethought, restructured, and rebuilt from the ground up. Along the way, I developed a feature set that I felt it needed, while retrospectively analyzing how PyLoris' users were trying to use it. In the end PyLoris 3.0 was given a GUI, a Scripting interface, and a threaded API. Click here to read more about the features and improvements in PyLoris 3.0.
What is PyLoris?
PyLoris is a tool that can be used to test web servers for a vulnerability to a specific class of Denial of Service attack. This class of attack is described by RSnake--along with the original proof of concept--at http://ha.ckers.org/slowloris. Click here to read a short discussion on the cause and impact of PyLoris.
Using PyLoris is simple. In its most basic form, PyLoris merely needs a copy of Python to run. Click here for information on utilizing PyLoris and all of its features.
Frequently Asked Questions
There are a lot of questions and rumors about PyLoris and Slowloris. I try to answer them to the best of my ability. Click here for answers to technical and non-technical questions regarding PyLoris
While reading through an article on Hack a Day, I came across RSnake's idea, as well as his implementation of this attack. Click here to read the backstory behind PyLoris.
There are a number of people who helped me in immeasurable ways. This is a short list of people that helped in the building and testing of PyLoris.comments powered by Disqus